How to limit Windows Defender CPU usage on Windows 10

Windows Defender runs mostly in the background. It will scan new files for threats, and it will also examine any file that you download via the browser, regardless if you’re using Edge or Chrome, or some other browser. It never really runs full system scans while you’re actively using your PC. It will run a scan when it knows you’re away. That said, if you’d like to limit Windows Defender CPU usage so that it never uses the CPU too much, you can.

Microsoft has a documented method that lets you limit Windows Defender CPU usage. It only requires a little command to be run in PowerShell however, you will need admin rights to run it.

Limit Windows Defender CPU usage

The CPU usage is set as a percentage of your CPU’s total processing power. By default, Windows Defender can use up to 50% of the CPU. Decide how much CPU you want Windows Defender to be able to use.

Open PowerShell with admin rights. Run the following command but replace the number at the end with how much CPU usage you want to allocate to Windows Defender.

Set-MpPreference -ScanAvgCPULoadFactor 50

You can increase the limit beyond 50% if you like but you cannot reduce it to 0. All that does is disable throttling which means Windows Defender will use as much of your CPU as it wants.

The throttling applies to when Windows Defender runs a full scan and will be applied when it tends to start running if your system is idle. This may have an impact on how much time it takes to run a full scan on your system. It won’t impact how well Windows Defender can protect your system and it certainly won’t turn off the scans it runs when you download new files to your system. If you often think about disabling Windows Defender simply because it slows you system down too much, this is a far better alternative.

As for why you should limit CPU usage for Windows Defender, the app tends to drag everything down. If you happen to have an HDD instead of an SSD, you will notice that your system slows down much too much when Windows Defender runs its scans. If your system has an SSD though, chances are you won’t notice Windows Defender running all that much. They may be expensive but SSDs make a huge difference.

Change the throttling level around until you have something that doesn’t slow your system down too much but also manages to run at least one scan a week.

Read How to limit Windows Defender CPU usage on Windows 10 by Fatima Wahab on AddictiveTips – Tech tips to make you smarter

How to exclude an app from Exploit Protection on Windows 10

Windows Defender is often discounted as annoying and intrusive and many Windows 10 users look for ways to deactivate it. The fact is that Windows Defender is an effective tool for keeping your system safe. Its virus definitions update regularly but apart from that, it also has features that protect your system against newer, more sophisticated threats such as ransomware. Exploit Protection is one such feature that keeps harmless apps from being weaponized. If you need to though, you can exclude an app from Exploit Protection. Just do so at your own risk.

Exclude app from Exploit Protection

In order to exclude an app from Exploit Protection, you will need admin rights. Open Windows Defender and go to App & Browser Control. Scroll to the bottom and select Exploit Protection settings under the Exploit Protection section.

On the Exploit protection settings screen, go to the Program Settings tab and click the ‘Add program to customize’ option. The easiest way to add a program is to select its EXE. Go that route and in the file browser window that opens, navigate to and select the EXE of the app you want to exclude.

Once the app has been added to the list, select it, and click the Edit button.

This will open a long list of settings that you can enable/disable. If you’re looking for a particular type of setting to disable, you can do so and leave everything else unchanged. Click Apply to add the exception.

Why exclude apps?

Exploit protection rarely has a negative impact on any app’s performance however, there are still exceptions. It seems that there are certain games that have trouble running smoothly when this feature is enabled for them which is why users are looking to disable it for just those games.

What is Exploit Protection?

Exploit protection is a form of code injection. It works via a harmless app such as Microsoft Word. If you were to open a Word document, you would do so with little thought to it being malicious and for good reason. It’s a document and logically, the worst thing it can have is bad margins but if the document originated from an unknown source, chances are it has a bit of malicious code in it. This code itself can’t be executed via a file but the program i.e., Microsoft Word can be used to run it and cause damage.

Exploits look for weaknesses in apps that they can use to infect or hijack systems and the infection is spread through harmless files that the app will run. Exploit Protection counters it.

Read How to exclude an app from Exploit Protection on Windows 10 by Fatima Wahab on AddictiveTips – Tech tips to make you smarter

How to remove an app from Windows Defender on Windows 10

Windows Defender either blocks, or warns against running almost all types of apps. Even if you’re installing an app that was developed by Microsoft, you will still see an alert asking if you want to install the app or allow it to make changes to your system. This is of course for your own protection and while it may be a minor inconvenience it’s a necessary one. If you’ve allowed an app to run on Windows 10, it has been added to the Windows Defender whitelist. If you later need to remove an app from Windows Defender, here’s how you can do just that.

Remove app from Windows Defender

The Windows Defender app doesn’t have a dedicated panel for removing apps that have been whitelisted. Instead, you have to go through the Control Panel.

Open Control Panel and go to System and Security. Click Windows Defender Firewall. In the column on the left, click the ‘Allow an app or feature through Windows Defender Firewall’ option.

On the next screen, click the Change Settings button and scroll down the list of Allowed apps and features. Select the app that you want to remove from Windows Defender, and click the Remove button at the bottom of the list.

This app will no longer be able to make any changes to your system unless you allow it. If, for example, you remove Chrome or Firefox from the list, they will no longer be able to install updates which, normally, browsers can automatically do.

This list isn’t an exhaustive one which means that some apps installed on your system will not appear in the list. In this case, you can use the Command Prompt to remove an app from Windows Defender.

Open Command Prompt with admin rights. Run the following command but replace ‘App Name’ with the name of the app that you want to remove from Windows Defender, and ‘Path-to-app EXE’ with the path to the app’s EXE file.

Syntax

netsh advfirewall firewall add rule name="app name" dir=in action=block program="path-to-app EXE" enable=yes

Example

netsh advfirewall firewall add rule name="Chrome" dir=in action=block program="C:\Program Files (x86)\Google\Chrome\Application\Chrome.exe" enable=yes

You can always add an app back. To do so, simply run the app again and when Windows Defender prompts you to, allow the app to make changes to your system. If you want to add it back to the Windows Defender whitelist via Command Prompt, run the following command;

netsh advfirewall firewall add rule name="app name" dir=in action=allow program="path-to-app EXE" enable=yes

Replace the app name and the path to the app EXE with the name of the app you want to add and the path to its EXE file.

Read How to remove an app from Windows Defender on Windows 10 by Fatima Wahab on AddictiveTips – Tech tips to make you smarter

How to enable sandbox mode for Windows Defender on Windows 10

Windows Defender is the anti-virus that Microsoft packages with Windows 10. It does cause problems for some users but overall, if you’re not running an anti-virus, Windows Defender will keep you safe. Microsoft does make changes to it to keep up with new threats. You get regular virus definition updates delivered via Windows updates, and there’s a neat Ransomware protection feature that you can enable for extra safety. Microsoft has added a new sandbox mode for Windows Defender.

This sandbox mode hasn’t been enabled for users just yet. It’s a work in progress but, if you’re willing, you can enable it on the stable version of Windows 10. Here’s how.

Sandbox mode for Windows Defender

In order to enable sandbox mode Windows Defender, you’re going to need admin rights. You’re making a modification to Windows Defender which isn’t something you can do with normal user rights.

Open Command Prompt with admin rights. Run the following command to enable sandbox mode.

setx /M MP_FORCE_USE_SANDBOX 1

Restart your system to apply the change.

If you find that, after enabling sandbox mode, your system is running slower, there are too many false flags, or you have trouble accessing files or apps on your system, you may want to disable it.

Open Command Prompt with admin rights, and run this command to disable it.

setx /M MP_FORCE_USE_SANDBOX 0

Restart your system.

Sandboxing, particularly for an anti-virus is pretty amazing. At present there aren’t any other anti-virus apps that can run in sandbox mode. Sandboxing basically lets an app run in its own environment that’s blocked off from everything else. Other apps cannot access it unless the sandboxed app allows them in. This isn’t a big deal if an app isn’t malicious but for apps that are malicious or viruses, that means they cannot interfere with Windows Defender.

Windows Defender is a good anti-virus but there are malicious apps out there that can disable it. If it ever comes to that, the only option users have is to format your drive and reinstall Windows 10. The sandbox mode will make it harder for a malicious app to disable Windows Defender, if not near impossible.

The sandbox mode is still a work-in-progress. This means that while you can force enable it, it may not add the level of protection that it should. It’s not going to make Windows Defender less effective if you have it enabled and it isn’t working right but if you have trouble with your system after enabling it, you should disable it and wait until Microsoft gives it a clean bill of health.

Read How to enable sandbox mode for Windows Defender on Windows 10 by Fatima Wahab on AddictiveTips – Tech tips to make you smarter

How To Exclude A File From Windows Defender On Windows 10

Windows Defender runs in the background to keep your system safe from malicious apps and processes. It will routinely give you alerts to let you know it ran a scan and found nothing. It also tells you when it’s found a potential threat though sometimes, it does identify the wrong file as malicious. This tends to happen with anti-virus apps and services. VirusTotal will sometimes get a false positive and even Chrome will incorrectly block certain files. Sometimes Windows Defender will flag a safe file as malicious. In that case, you can exclude a file from Windows Defender.

A Word Of Caution

While it is entirely possible that Windows Defender is flagging the wrong file, we should caution you nevertheless on adding the file as an exception. If the file is an app EXE and it’s suddenly being flagged as malicious after being updated, it might actually have a problem. Sometimes, in rare cases, something malicious ends up becoming part of an otherwise safe app when it’s updated so you should try and scan the app with a different anti-virus.

If you’ve downloaded an app from an unreliable source, it may be worth getting a second opinion on it. Sometimes apps that are otherwise safe are bundled with malicious code and made available for download on online repositories. Make sure you get the file from a reliable source.

Exclude A File From Windows Defender

You can exclude a file, folder, process, or a certain type of file from Windows Defender. You will need administrative rights to add an exception to Windows Defender.

Open Windows Defender and click the ‘Settings’ button on the left column at the bottom.

On the Settings screen, scroll down to the Virus & threat protection notifications section, click the Virus & threat protection settings option.

Scroll down to the Exclusions section and click ‘Add or remove exclusions’.

On the Exclusions screen, click the ‘Add an exclusion’ button and select what you want to exclude from being scanned by Windows Defender.

It’s at this point you will need to authenticate with the admin username and password to allow the exclusion to be added. This is also where you can remove any exclusions that you’ve added and that too will require administrative rights.

Normally, these permissions are never reset but if you happen to update an app file that you added to the excluded files list, you might want to check and make sure that it hasn’t been removed. You should also know that this is specific to files. If you exclude a file, delete it later, and download a copy of it, it will not automatically be excluded from Windows Defender.

If Windows Defender is giving you momentary problems e.g., it won’t let you install a file, you should try disabling it for a while instead of adding a file exception.

Read How To Exclude A File From Windows Defender On Windows 10 by Fatima Wahab on AddictiveTips – Tech tips to make you smarter